namespace Billing2
{
    using System;
    using System.Data;
    using System.Web.UI;
    using MyLib;

    public class HttpGetCRAttachment : Page
    {
        protected void Page_Load(object sender, EventArgs e)
        {
            this.Response.AppendHeader("Cache-Control", "no-store");
            this.Response.AppendHeader("Cache-Control", "no-cache");
#if !DEV
            this.Response.AppendHeader("Content-Security-policy", "default-src https: data: 'unsafe-inline' 'unsafe-eval'");
#endif

            if (this.Session["SiteID"] == null)
            {
                base.Response.Redirect("default.aspx",true);
            }
            if (base.Request.QueryString["AttachID"] != null)
            {
                DataTable dt_temp = new ClsAttachmentsInChangeRequest { ID = Convert.ToInt64(base.Request.QueryString["AttachID"].ToString()) }.Select( );
                if (dt_temp != null)
                {
                    byte[] imagecontent = (byte[]) dt_temp.Rows[0]["AttachmentDetails"];
                    //check if it is PZ file header
                    if (imagecontent.Length >= 2 && imagecontent[0] == 0x4D && imagecontent[1] == 0x5A)
                    {
                        base.Response.Redirect("default.aspx", true);
                        return;
                    }
                    base.Response.ContentType = Microsoft.Security.Application.Encoder.UrlEncode(dt_temp.Rows[0]["AttachmentContentType"].ToString());
                    base.Response.AddHeader("Content-Disposition", "attachment;filename=" + Common.EscapeHeader(Common.EscapeFilename(dt_temp.Rows[0]["AttachmentName"].ToString())));
                    this.Context.Response.BinaryWrite(imagecontent);
                }
            }
        }

        protected override void OnInit(EventArgs e)
        {
            base.OnInit(e);
            ViewStateUserKey = Session.SessionID;
        }
    }
}
